funsec mailing list archives
Re: Windows-based cash machines 'easily hacked'
From: "Dennis Henderson" <hendomatic () gmail com>
Date: Tue, 18 Mar 2008 11:40:27 -0500
On Tue, Mar 18, 2008 at 10:27 AM, Kitsune <kitsune () sbcglobal net> wrote:
I didn't mean to imply that I could reach (ping) ATMs that were not part of the customer's network (ie STAR, MAC, etc). But to imply that the physical location is irrelevent. If it is the customers machine, it is on (one of) their networks which makes it reachable.
Perhaps we're talking past each other. Yes our ATM's are on our company managed networks. Are they reachable by someone on the WAN? No. Can they talk to anything but the devices they need to talk to for transactions and monitoring? No. Can they reach the Internet? Hell no. :) But thats just one layer of the whole security model...
Perhaps your ATM's are on your WAN. Not all banks share your strategy. Some banks have far more ATMs deployed at gas stations and malls than branches. Makes the isolated network strategy very easy to pull off. kit> I am not the bank, but a contractor. I am also in the US, YMMV. On many of my customer's networks, I can easily reach (ping) every ATM in every mall and gas station and branch from any other part of the network. I'm not trying to toot my own horn, for I have none, but my customers are quite large. and stupid. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Windows-based cash machines 'easily hacked', (continued)
- Re: Windows-based cash machines 'easily hacked' Kitsune (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Dennis Henderson (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Kitsune (Mar 18)
- Re: Windows-based cash machines 'easily hacked' der Mouse (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Dennis Henderson (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Rich Kulawiec (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Dennis Henderson (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Valdis . Kletnieks (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Kitsune (Mar 17)
- Re: Windows-based cash machines 'easily hacked' Dennis Henderson (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Kitsune (Mar 18)
- Re: Windows-based cash machines 'easily hacked' der Mouse (Mar 18)
- Re: Windows-based cash machines 'easily hacked' Kitsune (Mar 18)